Folks,
the patch below cannot be literally backported to 2.0.x. Everyone would
agree that the echo filter is inherently a DoS attack even when it's
working as expected. But other protocol module authors have based their
code on this module; and it was dangerous precident to never establish
any timeout.
We could, obviously, throw the same hack as mod_ftp's code in mod_echo,
prior to the first get_brigade invocation;
client_socket = ap_get_module_config(cdata->conn_config,
&core_module);
apr_socket_timeout_set(client_socket, cdata->base_server->timeout);
but that's hackish, and truly does nothing for any existing borked
protocol module out there, written by unsuspecting authors.
Here's a proposed patch for 2.0 that would move the -initial- timeout
setting from underneath NET_TIME. Yet it would retain the NET_TIME
filter for managing keep-alive time outs, thus maintaining all binary
and nearly identical behavior compatibility in the 2.0.x branch.
Comments?